The Defence Department appears to have broken the law by failing to publish the latest personal information listings of Canada's electronic eavesdropping agency.

Under federal privacy law, ministers are obliged to list the personal data banks — which hold information about individuals — compiled by agencies in their portfolios.

However, there is no public listing this year for Communications Security Establishment Canada, known as CSEC, which reports to the defence minister.

The omission has prompted University of Ottawa professor Amir Attaran to lodge a complaint with the federal privacy commissioner, who polices the federal law governing personal information. ...

CSEC spokesman Ryan Foreman said the spy service's personal information banks used to be listed along with other Defence Department holdings in a federal publication called InfoSource, but in future will be cited separately, as CSEC is now a standalone agency.

"CSEC is not exempted from the reporting requirements to publish an InfoSource submission. CSEC will be preparing its first independent InfoSource submission for the 2013-2014 reporting period," Foreman said.

"Previously published versions of InfoSource can be accessed through the Treasury Board Secretariat."

Attaran points out that CSEC became a separate agency in November 2011, and the Privacy Act clearly states that the responsible minister — in this case Defence Minister Peter MacKay — must list a body's personal information banks at least once annually.

In addition, the listing must include a description of the sort of information in the banks, how long the data will be kept, and where a member of the public can send a request under the Privacy Act for any files about themselves in the banks.